| 1 |
On Hét, November 10, 2008 13:43, pageexec@××××××××.hu wrote: |
| 2 |
> On 10 Nov 2008 at 7:24, Brian Kroth wrote: |
| 3 |
> |
| 4 |
>> atoth@××××××××××.hu <atoth@××××××××××.hu> 2008-11-10 12:31: |
| 5 |
>> > I usually have some of these while I'm listening to music: |
| 6 |
>> > grsec: (atoth:U:/usr/bin/audacious) denied resource overstep by |
| 7 |
>> requesting |
| 8 |
>> > 135168 for RLIMIT_MEMLOCK against limit 32768 for |
| 9 |
>> > /usr/bin/audacious[audacious:24077] uid/euid:1000/1000 |
| 10 |
>> gid/egid:100/100, |
| 11 |
>> > parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 |
| 12 |
>> > and usual report about signal 11s for eg. with java while browsing. Of |
| 13 |
>> > course that RLMIT_MEMLOCK value requested is not so insane like that |
| 14 |
>> for |
| 15 |
>> > perl & pwd. |
| 16 |
>> |
| 17 |
>> Same here: |
| 18 |
>> |
| 19 |
>> grsec: denied resource overstep by requesting 69632 for RLIMIT_MEMLOCK |
| 20 |
>> against limit 32768 for /usr/bin/aplay[aplay:16674] uid/euid:1000/1000 |
| 21 |
>> gid/egid:1000/1000, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 |
| 22 |
> |
| 23 |
> the memlock limit overstep is harmless, it won't cause any application |
| 24 |
> per se and you can get rid of it by granting the user in question a higher |
| 25 |
> limit for mlockable pages (the 32k is the linux default since 2.6.9 or |
| 26 |
> so). |
| 27 |
|
| 28 |
That's why I ignored these. |
| 29 |
|
| 30 |
> |
| 31 |
>> And for the perl forloop: |
| 32 |
>> |
| 33 |
>> grsec: denied resource overstep by requesting 4511036391424 for |
| 34 |
>> RLIMIT_STACK against limit 8388608 for /bin/pwd[pwd:18765] |
| 35 |
>> uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:18636] |
| 36 |
>> uid/euid:1000/1000 gid/egid:1000/1000 |
| 37 |
> |
| 38 |
> now this one definitely looks fishy and spender's looking into it already. |
| 39 |
> |
| 40 |
> |
| 41 |
|
| 42 |
If the representation of the resource's amount requested is correct, than |
| 43 |
there must be something odd with the userland. I tend to suspect the |
| 44 |
latter. |
| 45 |
|
| 46 |
Regards, |
| 47 |
Dw. |
Archives